Tuesday, July 7, 2015

Today was difficult for us to find in the current infosec news, one which had nothing to do with the famous assault to the company Hacking Team, specialized in selling spy programs to governments around the world. But we found it: There is a warn of a Trojans explosion based on ZeusVM. We´ll expand the information and we´ll also talk about the big bang which is impossible to ignore: the assault on Hacking Team.

Last month the source code of the Trojan ZeusVM was released as were the tools to
create and customize it. ZeusVM is a variant of the famous banking
Trojan Zeus, with the particularity of using steganography to hide in
image files, something that is not new but what people are not used to and,
especially, allowing the Trojan to hide from antivirus . Experts announce a ZeusVM explosion after free tools to create
them have been posted.

Schneier knows everything

And now, we go for the meme of the moment: Hacking Team. Who wants to be promptly informed about the most important things we recommend following the post opened by security guru Bruce Schneier. Now informs us that the hacked company has asked customers to stop using their programs. Moreover, after the community has analyzed all 0days and spyware discovered in computers Hacking Team, Schneier points out that he has not found any exploit to iPhones without jailbreak, which makes them the most secure platforms of the moment.

And if it had happened to you?

Moreover, it has come to our attention an article with good tips for companies which want to be prepared for the worst. What to do if we suffer an assault and public humiliation as it has happened to Hacking Team? Move fast, ask for help, take control, warn of the assault and make sure that will not happen again. That's nothing.The hack-school

In recent times it seems we jump from a computer attack to another, seamlessly and faster and faster. Everyone agrees on the need of more security professionals to put into question the main systems. But where can we find them? Interestingly, while in the world there is such a need children grow up in schools without having even one course on computer security. It begins to be more and more proposals in this way, just missing the collaboration of schools and governments.

Reality has always been faster than our institutions, but now is dizzying and calls for a major effort by the society, which does what it can.